Content-Type: multipart/mixed; boundary="===============3338248760986370593=="
MIME-Version: 1.0

--===============3338248760986370593==
Content-Type: text/cloud-boothook; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename="boothook.txt"

#cloud-boothook
#!/bin/bash

function add_str_to_file_if_not_exists {
    file=$1
    str=$2
    val=$3
    if ! grep -q "^ *${str}" $file; then
        echo $val >> $file
    fi
}

cloud-init-per instance wipe_sources_list_templates /bin/sh -c 'echo | tee /etc/cloud/templates/sources.list.ubuntu.tmpl'

# configure udev rules

# udev persistent net
cloud-init-per instance udev_persistent_net1 /etc/init.d/networking stop

ADMIN_MAC=ec:b1:d7:9d:90:f0
ADMIN_IF=$(echo ec:b1:d7:9d:90:f0_eno49,ec:b1:d7:9d:90:f8_eno50,8c:dc:d4:b7:97:80_ens1f0,8c:dc:d4:b7:97:81_ens1f1,8c:dc:d4:b7:95:68_ens2f0,8c:dc:d4:b7:95:69_ens2f1 | sed 's/[,=]/\n/g' | grep "$ADMIN_MAC" | cut -d_ -f2 | head -1)
# Check if we do not already have static config (or interface seems unconfigured)
if [ ! -d "/etc/network/interfaces.d" ]; then
    mkdir -p /etc/network/interfaces.d
    echo 'source /etc/network/interfaces.d/*' > /etc/network/interfaces
fi
if [ ! -e "/etc/network/interfaces.d/ifcfg-$ADMIN_IF" ]; then
    echo -e "auto $ADMIN_IF\niface $ADMIN_IF inet static\n\taddress 10.20.0.7\n\tnetmask 255.255.255.0\n\tgateway 10.20.0.2" > /etc/network/interfaces.d/ifcfg-"$ADMIN_IF"
fi

cloud-init-per instance udev_persistent_net5 /etc/init.d/networking start

# end of udev

#FIXME(agordeev): if operator updates dns settings on masternode after the node had been provisioned,
#                 cloud-init will start to generate resolv.conf with non-actual data
cloud-init-per instance resolv_conf_mkdir mkdir -p /etc/resolvconf/resolv.conf.d
cloud-init-per instance resolv_conf_remove rm -f /etc/resolv.conf
cloud-init-per instance resolv_conf_head_remove rm -f /etc/resolvconf/resolv.conf.d/head
cloud-init-per instance resolv_conf_header /bin/sh -c 'echo "# re-generated by cloud-init boothook only at the first boot;" | tee /etc/resolv.conf'
cloud-init-per instance resolv_conf_search /bin/sh -c 'echo "search opnfvericsson.se" | tee -a /etc/resolv.conf'
cloud-init-per instance resolv_conf_domain /bin/sh -c 'echo "domain opnfvericsson.se" | tee -a /etc/resolv.conf'
cloud-init-per instance resolv_conf_head_header /bin/sh -c 'echo "# re-generated by cloud-init boothook only at the first boot;" | tee /etc/resolvconf/resolv.conf.d/head'
cloud-init-per instance resolv_conf_head_search /bin/sh -c 'echo "search opnfvericsson.se" | tee -a /etc/resolvconf/resolv.conf.d/head'
cloud-init-per instance resolv_conf_head_domain /bin/sh -c 'echo "domain opnfvericsson.se" | tee -a /etc/resolvconf/resolv.conf.d/head'
cloud-init-per instance resolv_conf_nameserver /bin/sh -c 'echo nameserver 10.20.0.2 | tee -a /etc/resolv.conf'
cloud-init-per instance resolv_conf_head_nameserver /bin/sh -c 'echo nameserver 10.20.0.2 | tee -a /etc/resolvconf/resolv.conf.d/head'

# configure black module lists
# virt-what should be installed
if [ ! -f /etc/modprobe.d/blacklist-i2c_piix4.conf ]; then
    ( (virt-what | fgrep -q "virtualbox") && echo "blacklist i2c_piix4" >> /etc/modprobe.d/blacklist-i2c_piix4.conf || :) && update-initramfs -u -k all
    modprobe -r i2c_piix4
fi

cloud-init-per instance conntrack_ipv4 /bin/sh -c 'echo nf_conntrack_ipv4 | tee -a /etc/modules'
cloud-init-per instance conntrack_ipv6 /bin/sh -c 'echo nf_conntrack_ipv6 | tee -a /etc/modules'
cloud-init-per instance conntrack_proto_gre /bin/sh -c 'echo nf_conntrack_proto_gre | tee -a /etc/modules'
cloud-init-per instance conntrack_max /bin/sh -c 'echo "net.nf_conntrack_max=1048576" | tee -a /etc/sysctl.conf'
cloud-init-per instance kernel_panic /bin/sh -c 'echo "kernel.panic=60" | tee -a /etc/sysctl.conf'

cloud-init-per instance conntrack_ipv4_load modprobe nf_conntrack_ipv4
cloud-init-per instance conntrack_ipv6_load modprobe nf_conntrack_ipv6
cloud-init-per instance conntrack_proto_gre_load modprobe nf_conntrack_proto_gre
cloud-init-per instance conntrack_max_set sysctl -w "net.nf_conntrack_max=1048576"
cloud-init-per instance kernel_panic_set sysctl -w "kernel.panic=60"

cloud-init-per instance dhclient /bin/sh -c 'echo "supersede routers 0;" | tee /etc/dhcp/dhclient.conf'

# ntp sync
# '| tee /dev/null' is needed for returning zero execution code always
cloud-init-per instance stop_ntp /bin/sh -c 'service ntp stop | tee /dev/null'
cloud-init-per instance sync_date ntpdate -t 4 -b 10.20.0.2
cloud-init-per instance sync_hwclock hwclock --systohc

cloud-init-per instance edit_ntp_conf1 sed -i '/^\s*tinker panic/ d' /etc/ntp.conf
cloud-init-per instance edit_ntp_conf2 sed -i '1 i tinker panic 0' /etc/ntp.conf
cloud-init-per instance edit_ntp_conf_mkdir mkdir -p /var/lib/ntp
cloud-init-per instance edit_ntp_conf_chown_dir chown ntp: /var/lib/ntp
cloud-init-per instance edit_ntp_conf3 /bin/sh -c 'echo 0 | tee /var/lib/ntp/ntp.drift'
cloud-init-per instance edit_ntp_conf_chown_drift chown ntp: /var/lib/ntp/ntp.drift
cloud-init-per instance edit_ntp_conf4 sed -i '/^\s*server/ d' /etc/ntp.conf
cloud-init-per instance edit_ntp_conf5 /bin/sh -c 'echo "server 10.20.0.2 burst iburst" | tee -a /etc/ntp.conf'
cloud-init-per instance start_ntp service ntp start

cloud-init-per instance removeUseDNS sed -i --follow-symlinks -e '/UseDNS/d' /etc/ssh/sshd_config
add_str_to_file_if_not_exists /etc/ssh/sshd_config 'UseDNS' 'UseDNS no'

cloud-init-per instance gssapi_disable sed -i -e "/^\s*GSSAPICleanupCredentials yes/d" -e "/^\s*GSSAPIAuthentication yes/d" /etc/ssh/sshd_config

cloud-init-per instance nailgun_agent_0 /bin/sh -c 'echo "rm -f /etc/nailgun-agent/nodiscover" | tee /etc/rc.local'
cloud-init-per instance nailgun_agent_1 /bin/sh -c 'echo "flock -w 0 -o /var/lock/agent.lock -c \"/usr/bin/nailgun-agent >> /var/log/nailgun-agent.log 2>&1\"" | tee -a /etc/rc.local'

# Copying default bash settings to the root directory
cloud-init-per instance skel_bash cp -f /etc/skel/.bash* /root/

cloud-init-per instance hiera_puppet mkdir -p /etc/puppet /var/lib/hiera
cloud-init-per instance touch_puppet touch /var/lib/hiera/common.yaml /etc/puppet/hiera.yaml /var/log/puppet.log
cloud-init-per instance chmod_puppet chmod 600 /var/log/puppet.log
--===============3338248760986370593==
Content-Type: text/cloud-config; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename="cloud_config.txt"

#cloud-config
resize_rootfs: false
growpart:
  mode: false
disable_ec2_metadata: true
disable_root: false
users:

  - name: fueladmin
    passwd: $6$/sCsd7xES5GkkYSh$zz0xDYLDQpc3HYpbx0yV8o79/kRyBy5.UbjXCAvn5Bx42ipngNo.BbZMXBk5cqD7IDHd5g8xP335Bx4v8lsnV1
    lock_passwd: False
    homedir: /home/fueladmin
    shell: /bin/bash
    
    ssh_authorized_keys:
    
      - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCXqFh9mI0HCkH9raOLA1h56whXjaIIK2cqb9yNXATOtf6S3OHzfDfPdXsiMkuhWvzGSYcJDuniZQ7FoRV6S6qHQHMXltZJZRwzifCFq4INUBCrBqLXhxJHqPJ49JX0M3qHnOMWgAZV4tHnKFvfYTZnNfbIXdsJ6H+dwaTEbq0xDC5xY8fZxndzVKwlVpLurfVUdFDtZzZzRMzkiQmvW+dW5lSTx+/j3lrCZetX/T8HJp/iJRSJooqfGTTE2U56y/nckVQ2P5FXcMXlmaM1gnGucRT3ffZre9jigiY2SHcQhfWmqGsirwiqesZ05hluuXnSjw5jwV+0Eg/JUn2n3Wj3 root@fuel-ericsson-pod4
    
    
    
    sudo:
    
      - "ALL=(ALL) NOPASSWD: ALL"
    
    

  - name: fuel
    passwd: $6$ilpbntmhZpobnLtq$XKAgDVBLmDDMuSSmH2X/4IDEZ3vGhvsCb8Ii9ox1y8aQSQxPx4lxDCsun2WKt.U3RS.2.0PYMqD6fMky/CcNT/
    lock_passwd: False
    homedir: /var/lib/fuel
    shell: /bin/bash
    
    ssh_authorized_keys:
    
      - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCXqFh9mI0HCkH9raOLA1h56whXjaIIK2cqb9yNXATOtf6S3OHzfDfPdXsiMkuhWvzGSYcJDuniZQ7FoRV6S6qHQHMXltZJZRwzifCFq4INUBCrBqLXhxJHqPJ49JX0M3qHnOMWgAZV4tHnKFvfYTZnNfbIXdsJ6H+dwaTEbq0xDC5xY8fZxndzVKwlVpLurfVUdFDtZzZzRMzkiQmvW+dW5lSTx+/j3lrCZetX/T8HJp/iJRSJooqfGTTE2U56y/nckVQ2P5FXcMXlmaM1gnGucRT3ffZre9jigiY2SHcQhfWmqGsirwiqesZ05hluuXnSjw5jwV+0Eg/JUn2n3Wj3 root@fuel-ericsson-pod4
    
    
    
    sudo:
    
      - "ALL=(ALL) NOPASSWD: ALL"
    
    

  - name: root
    passwd: $6$ej5cXQDQkWAu3r4v$khszcYy/n8ciE0tgq6uRpZmQjt1XsVP0zMSN4s9oBQkcL.vodTRBPz5LFBYrqimFs2GEDqRmfa/G0OsyZERUF/
    lock_passwd: False
    homedir: /root
    shell: /bin/bash
    
    ssh_authorized_keys:
    
      - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCXqFh9mI0HCkH9raOLA1h56whXjaIIK2cqb9yNXATOtf6S3OHzfDfPdXsiMkuhWvzGSYcJDuniZQ7FoRV6S6qHQHMXltZJZRwzifCFq4INUBCrBqLXhxJHqPJ49JX0M3qHnOMWgAZV4tHnKFvfYTZnNfbIXdsJ6H+dwaTEbq0xDC5xY8fZxndzVKwlVpLurfVUdFDtZzZzRMzkiQmvW+dW5lSTx+/j3lrCZetX/T8HJp/iJRSJooqfGTTE2U56y/nckVQ2P5FXcMXlmaM1gnGucRT3ffZre9jigiY2SHcQhfWmqGsirwiqesZ05hluuXnSjw5jwV+0Eg/JUn2n3Wj3 root@fuel-ericsson-pod4
    
    
    

chpasswd: { expire: false }
ssh_pwauth: false

# set the locale to a given locale
# default: en_US.UTF-8
locale: en_US.UTF-8

timezone: Etc/UTC

hostname: node-2.opnfvericsson.se
fqdn: node-2.opnfvericsson.se


# add entries to rsyslog configuration
rsyslog:
  - filename: 00-remote.conf
    content: |
      $template LogToMaster, "<%PRI%>1 %$NOW%T%TIMESTAMP:8:$%Z %HOSTNAME% %APP-NAME% %PROCID% %MSGID% -%msg%\n"
      *.* @10.20.0.2;LogToMaster


# that module's missing in 0.6.3, but existent for >= 0.7.3
write_files:
 -   content: |
        ---
        url: http://10.20.0.2:8000/api
     path: /etc/nailgun-agent/config.yaml
 -   content: target
     path: /etc/nailgun_systemtype

mcollective:
  conf:
    main_collective: mcollective
    collectives: mcollective
    libdir: /usr/share/mcollective/plugins
    logfile: /var/log/mcollective.log
    loglevel: debug
    daemonize: 0
    direct_addressing: 1
    ttl: 4294957
    securityprovider: psk
    plugin.psk: unset
    identity: 2

    connector: rabbitmq
    plugin.rabbitmq.vhost: mcollective
    plugin.rabbitmq.pool.size: 1
    plugin.rabbitmq.pool.1.host: 10.20.0.2
    plugin.rabbitmq.pool.1.port: 61613
    plugin.rabbitmq.pool.1.user: mcollective
    plugin.rabbitmq.pool.1.password: f7mVwIKibPYergN0bGOqgnxO
    plugin.rabbitmq.heartbeat_interval: 30

    factsource: yaml
    plugin.yaml: /etc/mcollective/facts.yaml

puppet:
  conf:
    main:
      logdir: /var/log/puppet
      rundir: /var/run/puppet
      ssldir: $vardir/ssl
      pluginsync: true
      prerun_command: /bin/true
      postrun_command: /bin/true
      stringify_facts: false
    agent:
      classfile: $vardir/classes.txt
      localconfig: $vardir/localconfig
      server: localhost
      report: false
      configtimeout: 600

runcmd:

 - /usr/sbin/invoke-rc.d puppet stop
 - /usr/sbin/update-rc.d -f puppet remove


 - rm -f /etc/init/mcollective.override

 - iptables -t filter -F INPUT
 - iptables -t filter -F FORWARD

final_message: "YAY! The system is finally up, after $UPTIME seconds"
--===============3338248760986370593==--
